Compunnel, Inc.

Malware Analyst

Compunnel, Inc., Dallas

Overview

The Malware Analyst is responsible for conducting in-depth analysis of potentially malicious Android applications, uncovering threat behaviors, and supporting security operations through technical reporting and client communication. This role requires strong expertise in reverse engineering, malware detection techniques, and Android internals, along with the ability to mentor junior analysts and contribute to threat detection automation.

Responsibilities

  • Conduct static and dynamic analysis of potentially malicious Android applications (APKs and SDKs).
  • Perform reverse engineering to uncover malicious behaviours and techniques used in Android threats.
  • Identify and analyse spyware, trojans, rootkits, and other mobile malware variants.
  • Analyse network traffic and detect indicators of command and control (C2) activity or data exfiltration.
  • Prepare clear and concise technical reports, including executive summaries for non-technical audiences.
  • Support client communications by presenting findings and answering questions.
  • Assist in mentoring or guiding junior analysts as needed.

Required Qualifications

  • Bachelor's degree in Computer Science, a related technical field, or equivalent practical experience.
  • 5 to 6 years of experience in security assessments, security design reviews, or threat modelling.
  • Experience in malware analysis, reverse engineering, and software development.
  • Security Techniques: Static analysis, dynamic analysis, behavioural analysis.
  • Understanding of Android internals (e.g., app lifecycle, permissions, DEX structure).
  • Familiarity with mobile app store policies and secure coding best practices.
  • Basic experience with network traffic analysis and protocol interception.
  • Awareness of PHA (Potentially Harmful App) categories and common Indicators of Compromise (IOCs).
  • Experience with reverse engineering tools: Ghidra, IDA Pro, Frida, Jadx, Burp Suite.
  • Knowledge of detection signature development, such as writing YARA rules.
  • Exposure to automation of threat detection pipelines or malware analysis workflows.
  • Ability to build or modify custom tools/scripts for reverse engineering or analysis.
  • Familiarity with scripting (e.g., Bash, Python) to streamline tasks and improve efficiency.
